Sample code for 30+ languages & platforms
Ruby

Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Chilkat Ruby Downloads

Ruby
require 'chilkat'

success = false

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

integrationKey = "DIMS3V5QDVG9J9ABRXC4"
secretKey = "HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab"

http = Chilkat::CkHttp.new()

http.put_Accept("application/json")

# Use your own hostname here:
url = "https://api-a03782e1.duosecurity.com/auth/v2/auth"

# This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
# generate and send the HMAC signature for the requires based on the integration key and secret key.
http.put_Login(integrationKey)
http.put_Password(secretKey)

req = Chilkat::CkHttpRequest.new()
req.AddParam("username","matt")
req.AddParam("factor","push")
# The device ID can be obtained from the preauth response.  See Duo Preauth Example
req.AddParam("device","DP6GYVTQ5NK82BMR851F")
# Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
req.AddParam("async","1")

req.put_HttpVerb("POST")
req.put_ContentType("application/x-www-form-urlencoded")

resp = Chilkat::CkHttpResponse.new()
success = http.HttpReq(url,req,resp)
if (success == false)
    print http.lastErrorText() + "\n";
    exit
end

print "status code = " + resp.get_StatusCode().to_s() + "\n";

json = Chilkat::CkJsonObject.new()
success = json.Load(resp.bodyStr())
json.put_EmitCompact(false)
print json.emit() + "\n";

if (resp.get_StatusCode() != 200)
    exit
end

# Sample successful output:

# status code = 200

# {
#   "stat": "OK",
#   "response": {
#     "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
#   }
# }

txid = json.stringOf("response.txid")

# Use your own hostname here:
sbUrl = Chilkat::CkStringBuilder.new()
sbUrl.Append("https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=")
sbUrl.Append(txid)
url = sbUrl.getAsString()

print "Auth status URL: " + url + "\n";

sbResult = Chilkat::CkStringBuilder.new()

# Wait for a response...
i = 0
maxWaitIterations = 100
while i < maxWaitIterations
    # Wait 3 seconds.
    http.SleepMs(3000)

    print "Polling..." + "\n";

    success = http.HttpNoBody("GET",url,resp)
    if (success == false)
        print http.lastErrorText() + "\n";
        exit
    end

    if (resp.get_StatusCode() != 200)
        print "error status code = " + resp.get_StatusCode().to_s() + "\n";
        print resp.bodyStr() + "\n";
        print "Failed." + "\n";
        exit
    end

    # Sample response:

    # 	{
    # 	  "stat": "OK",
    # 	  "response": {
    # 	    "result": "waiting",
    # 	    "status": "pushed",
    # 	    "status_msg": "Pushed a login request to your phone..."
    # 	  }
    # 	}

    json.Load(resp.bodyStr())

    # The responseResult can be "allow", "deny", or "waiting"
    sbResult.Clear()
    json.StringOfSb("response.result",sbResult)
    responseStatus = json.stringOf("response.status")
    responseStatus_msg = json.stringOf("response.status_msg")

    print sbResult.getAsString() + "\n";
    print responseStatus + "\n";
    print responseStatus_msg + "\n";
    print "" + "\n";

    if (sbResult.ContentsEqual("waiting",true) == true)
        i = i + 1
    else
        # Force loop exit..
        i = maxWaitIterations
    end

end

print "Finished." + "\n";